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Status of this Memo 


This memo provides information for the Internet community. It does 
not specify an Internet standard. Distribution of this memo is 
unlimited. 

Abstract 


This RFC presents a solution to problem of address space exhaustion 


in the Internet. It proposes a two-tier address structure for the 
Internet. This is an "idea" paper and discussion is strongly 
encouraged. 

Introduction 


Address space exhaustion is one of the most serious and immediate 
problems that the Internet faces today [1,2]. The current Internet 
address space is 32-bit. Each Internet address is divided into two 
parts: a network portion and a host portion. This division 
corresponds the three primary Internet address classes: Class A, 
Class B and Class C. Table 1 lists the network number statistics as 
of April 1992. 


Total Allocated Allocated (%) 
Class A 126 48 54% 
Class B 16383 7006 43% 
Class C 2097151 40724 2% 


Table 1: Network Number Statistics (April 1992) 


If recent trends of exponential growth continue, the network numbers 
in Class B will soon run out [1,2]. There are over 2 million Class C 
network numbers and only 2% have been allocated. However, a Class C 
network number can only accommodate 254 host numbers which is too 
small for most networks. With the rapid expansion of the Internet 
and drastic increase in personal computers, the time when the 32-bit 
address space is exhausted altogether is also not too distant [1-3]. 


Recently several proposals have been put forward to deal with the 
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immediate problem [1-4]. The Supernetting and C-sharp schemes 
attempt to make the Class C numbers more usable by re-defining the 
way in which Class C network numbers are classified and assigned 
[3,4]. Both schemes require modifications to the exterior routing 
algorithms and global coordination across the Internet may be 
required for the deployment. The two schemes do not expand the total 
number of addresses available to the Internet and therefore can only 
be used as a short-term fix for next two or three years. Schemes 
have also been put forwarded in which the 32-bit address field is 
replaced with a field of the same size but with different meaning and 
the gateways on the boundary re-write the address when the packet 


crossed the boundary [1,2,5]. Such schemes, however, requires 
substantial changes to the gateways and the exterior routing 
algorithm. 


In this paper, we present an alternative solution to the problem of 
address space exhaustion. The "Dual Network Addressing (DNA)" scheme 
proposed here is based on a two-tier address structure and sharing of 
addresses. It requires no modifications to the exterior routing 
algorithms and any networks can adopt the scheme individually at any 
time without affecting other networks. 


The Scheme 


The DNA scheme attempts to reduce the waste in using the Internet 
addresses. A useful analogy to our scheme is the extension system 
used in the telephone system. Many large organizations usually have 
extensive private telephone networks for internal use and at the mean 
time hire a limited number of external lines for communications with 
the outside world. In such a telephone system, important offices may 
have direct external lines and telephones in the public areas may be 
restricted to internal calls only. The majority of the telephones 
can usually make both internal calls and external calls. But they 
must share a limited number of external lines. When an external call 
is being made, a pre-defined digit has to be pressed so that an 
external line can be allocated from the poll of external lines. 


In the DNA scheme, there are two types of Internet addresses: 
Internal addresses and External addresses. An internal address is an 
Internet address only used within one network and is unique only 
within that network. An interface with an internal address can only 
communicate with another interface with an internal address in the 
same network. An external address is unique in the entire Internet 
and an interface with an external address can communicate directly to 
another interface with an external address over the Internet. All 
current Internet addresses are external addresses. 


In effect, the external addresses form one global Internet and the 
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internal addresses form many private Internets. Within one network, 
the external addresses are only used for inter-network communications 
and internal addresses for intra-network communications. An External 
Address Sharing Service (EASS) is needed to manage the sharing of 
external addresses. An EASS server reserves a number of external 
addresses. When a machine that only has an internal address wants to 
communicate a machine with an external address in other networks, it 
can send a request to an EASS server to obtain a temporary external 
address. After the use, the machine can return the external address 
to the EASS server. 


We believe that, with the DNA scheme, a network can operate with a 
limited number of external addresses. The reasons are as follows: 


* In most networks, the majority of the traffic is confined to 
its local area networks. This is due the nature of 
networking applications and the bandwidth constraints on 
inter-network links. 


* The number of machines which act as Internet servers, i.e., 
running programs waiting to be called by machines in other 
networks, is often limited and certainly much smaller than 
the total number of machines. These machines include mail 
servers, domain name servers, ftp archive servers, directory 
servers, etc. 


* There are an increasingly large number of personal machines 
entering the Internet. The use of these machines is 
primarily limited to their local environment. They may also 
be used as "clients" such as ftp and telnet to access other 
machines. 


* For security reasons, many large organizations, such as banks, 
government departments, military institution and some 
companies, may only allow a very limited number of their 
machines to have access to the global Internet. The majority 
of their machines are purely for internal use. 


In the DNA scheme, all machines in a network are assigned a permanent 
internal address and can communicate with any machines within the 
same network. The allocation of external addresses depends on the 
functions of the machines and as a result it creates three-level 
privileges: 


* machines which act as servers or used as central computing 
infrastructure are likely to have frequent communications 
with other networks therefore they may require external 
addresses all the time. These machines are allocated 
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permanent external addresses. 


* machines which are not allowed to communicate with other 
networks have no external addresses and can only communicate 
with machines within their own network. 


* the rest of the machines share a number of external 
addresses. The external addresses are allocated by 
the EASS server on request. These machines can only 
used as clients to call machines in other networks, 
i.e., they can not be called by machines in other networks. 


A network can choose any network number other than its external 
network number as its internal network number. Different networks 
can use the same network number as their internal number. We propose 
to reserve one Class A network number as the well-known network 
number for internal use. 


The Advantages 


The DNA scheme attempts to tackle the problem from the bottom of the 
Internet, i.e., each individual network, while other schemes 
described in the first section deal with the problem from the top of 
the Internet, i.e., gateways and exterior routing algorithms. These 
schemes, however, do not need to be consider as mutually exclusive. 
The DNA scheme has several advantages: 


* The DNA scheme takes an evolutionary approach towards the 
changes. Different networks can individually choose to 
adopt the scheme at any time only when necessary. 
There is no need for global coordination between different 
networks for their deployment. The effects of the deployment 
are confined to the network in which the scheme is being 
implemented, and are invisible to exterior routing 
algorithms and external networks. 


* With the DNA scheme, it is possible for a medium size organization 
to use a Class C network number with 254 external addresses. 
The scheme allows the current Internet to expand to over 2 million 
networks and each network to have more than 16 million hosts. 
This will allow considerable time for a long-term solution to 
be developed and fully tested. 


* The DNA scheme requires modifications to the host software. 
However, the modifications are needed only in those networks 
which adopt the DNA scheme. Since all existing Class A and B 
networks usually have sufficient external addresses for all their 
machines, they do not need to adopt the DNA scheme, and therefore 
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need no modifications at all to their software. The networks 
which need to use the DNA scheme are those new networks which are 
set up after the Class A and B numbers run out and have to 

use a Class C number. 


* The DNA scheme makes it possible to develop to a new addressing 
scheme without expanding the 32-bit address length to 64-bit. 
With the two-tier address structure, the current 32-bit space 
can accommodate over 4 billion hosts in the global Internet and 
100 million hosts in each individual network. When we move to a 
classless multi-hierarchic addressing scheme, the use of external 
addresses can be more efficient and less wasteful and the 
32-bit space can be adequate for the external addresses. 


* When a new addressing scheme has been developed, all current 
Internet addresses have to be changed. The DNA scheme will make 
such a undertaking much easier and smoother, since only the 
EASS servers and those have permanent external addresses will 
be affected, and communications within the network will not 
be interrupted. 


The Modifications 


The major modifications to the host software is in the network 
interface code. The DNA scheme requires each machine to have at 
least two addresses. But most of the host software currently does 
not allow us to bind two addresses to one physical interface. This 
problem can be solved by using two network interfaces on each 
machine. But this option is too expensive. Note the two interfaces 
are actually connected to the same physical network. Therefore, if 
we modify the interface code to allow two logical interfaces to be 
mapped onto one single physical interface, the machine can then use 
both the external address and the internal address with one physical 
interface as if it has two physical interfaces. In effect, two 
logical IP networks operate over the same physical network. 


The DNA scheme also has implications to the DNS service. Many 
machines will have two entries in the local name server. The DNS 
server must examine the source address of the request and decide 
which entry to use. If the source address matches the well-known 
internal network number, it passes the internal address of the domain 
name. Otherwise, the name server passes the external address. 


An EASS server is required to manage the sharing of the external 
addresses, i.e., to allocate and de-allocate external addresses to 


the machines which do not have permanent external addresses. This 
service can be provided by using the "Dynamic Host Configuration 
Protocol (DHCP)" [6]. 
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Many hosts do an inverse lookup of incoming connections. Therefore, 
it is desirable the entry in the DNS server be updated whenever a new 
external address is allocated. This will also allow an machine which 
currently has a temporary external address to be called by other 
machines. The updating of the entry in the DNS server can be done 
more easily if the EASS server and DNS server are co-located. 
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Security Considerations 
Security issues are not discussed in this memo. 
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